Server device, communication device, and program for managing contents usage

ABSTRACT

Server device 60 stores contract identification information with UIM identification information for identifying UIM 20 issued based on a subscription contract between a subscriber and a communication carrier for services provided by the communication carrier, the contract identification information identifying the subscription contract. UIM 20 stores UIM identification information. After receiving the UIM identification information from mobile station 30 which obtained the UIM identification information from UIM 20, server device 60 transmits the contract identification information corresponding to the UIM identification information to the mobile station 30. Then the contract identification information is stored in UIM 20. Consequently, the present invention allows a communication apparatus to distinguish the user who attempts to use the communication apparatus.

TECHNICAL FIELD

The present invention relates to the art for restricting contents usage.

BACKGROUND ART

A system for distributing contents from a server of information provider (IP) to a mobile station via mobile packet communication network is well known. In such a system, distributed content is stored in nonvolatile memory of the mobile station, and is used within the mobile station. Distribution of contents permitted by a copyright holder to be used only in the mobile station, is carried out using this system.

DISCLOSURE OF INVENTION

It is to be noted that, in the system described above, if no restriction is applied to content usage, a third person can use the content when the mobile station is transferred to the third person. That is to say, there is a possibility that a third person can use the content beyond the range permitted by the copyright holder. To avoid this, in a case that the mobile station is transferred to a new user, a step (e.g. initialization of nonvolatile memory) has been taken to restrict contents usage. However, in the case that a user is required to exchange his (her) mobile station because of malfunction or the like, the above-described step prevents the user from using data which was stored in his (her) old mobile station. This is inconvenient for mobile station users.

A further problem may occur in mobile stations having UIM (Universal Identity Module) capability. For example, in a case that subscriber A uses subscriber B's mobile station with subscriber A's UIM, subscriber A has access to data in subscriber B's mobile station. In such a case, any contents authorized for use by subscriber B only, can be used by subscriber A. This problem may be solved by allowing a user to use content in a mobile station only when the UIM which was attached to the mobile station when downloading the content is attached to the mobile station. For example, the content may be stored in nonvolatile memory with identification data of the UIM attached to the mobile station at that time. Use of the content would then be permitted only when the identification data of the UIM attached to the mobile station at that time is congruent with the identification data stored with the content in nonvolatile memory.

A further problem occurs when a user exchanges his (her) UIM because of malfunction or ending of the life time, as the identification data of the user's UIM is changed despite the continuation of the user's subscription contract. This is because each UIM has unique identification data. For this reason, a user cannot use contents after exchanging his (her) UIM even if the user is the person who has downloaded the content.

As described above, the system of the prior art both restricts contents usage for a user and allows unauthorized contents usage. This is because the communication device which restricts the contents usage for users cannot distinguish authorized users from others.

The present invention will solve the above-described problems, and allow a communication apparatus to distinguish authorized users from others.

To solve the problems, the present invention provides a server device, comprising: storage means for storing correspondingly contract identification information for identifying a subscription contract which is made between a subscriber to a communication service and a communication carrier providing the service, and medium identification information for identifying a storage medium issued based on the subscription contract; receiving means for receiving the medium identification information; extracting means for extracting from the storage means the contract identification information corresponding to the medium identification information received by the receiving means; and transmitting means for transmitting the contract identification information extracted by the extracting means to a communication apparatus for storing the received information in the storage medium, the communication apparatus being capable of accessing the storage medium identified by the medium identification information received by the receiving means.

The present invention also provides a communication apparatus, comprising: medium identification information extracting means for extracting medium identification information from a storage medium issued based on a subscription contract between a subscriber to a communication service and a communication carrier providing the communication service, the storage medium being capable of communicating with the communication apparatus; identification information transmitting means for transmitting the medium identification information to a server device, the medium identification information being extracted by the medium identification information extracting means, the server device transmitting contract identification information for identifying the subscription contract based on which the storage medium is issued, the storage medium storing the received medium identification information; identification information receiving means for receiving the contract identification information transmitted from the server device; and storage means for storing the contract identification information in the storage medium from which the medium identification information is extracted by the medium identification information extracting means, the contract identification information being received by the identification information receiving means.

The present invention also provides an application for causing a computer to store the contract identification information with the medium identification information, contract identification information identifying a contract between a subscriber and a communication carrier for services provided by the communication carrier, the medium identification information identifying the storage medium issued based on the contract; to receive the medium identification information; to read the contract identification information stored by the storage step corresponding to the medium identification information received by the receiving step; and to transmit the contract identification information read by the reading means.

The present invention also provides an application for causing a computer to read the medium identification information from the storage medium issued based on the contract; to transmit the medium identification information to the server device, the server device transmitting the contract identification information for identifying the contract based on which the storage medium was issued; to receive the contract identification information transmitted by the server device; and to store the contract identification information received by the identification information receiving means into the storage medium whose medium identification information was read by the medium reading means.

The present invention may provide a storage medium for storing one of the above-described two applications.

According to each of the above embodiments, the contract identification information is stored in the storage medium. The communication apparatus can communicate information to the storage medium, so that the contract identification information is available in the communication apparatus.

The communication apparatus may further comprise: receiving means for receiving a content; encrypting means for encrypting the content received by the receiving means using the contract identification information stored in the storage medium capable of communicating to the communication apparatus; and storage means for storing the content encrypted by the encrypting means. The communication apparatus may further comprise: receiving means for receiving the content; contents encrypting means for encrypting the content by using a first key generated when the content was received by the receiving means; key encrypting means for encrypting the first key by using a second key generated when the content was received by the contents receiving means based on both a predetermined rule for generating keys and the contract identification information stored in the storage medium capable of communicating information to the communication apparatus; and storage means for storing the content encrypted by the contents encrypting means corresponding to the second key encrypted by the key encrypting means.

BRIEF DESCRIPTION OF DRAWING

FIG. 1 shows an overall configuration of the system for restricting contents usage in accordance with the first embodiment of the present invention.

FIG. 2 is a block diagram showing a configuration of UIM 20 which is an entity of the system.

FIG. 3 is a block diagram showing a configuration of mobile station 30 which is an entity of the system.

FIG. 4 is a block diagram showing a configuration of server device 60 which is an entity of the system.

FIG. 5 is a conceptual diagram showing the operation of the system.

FIG. 6 is a block diagram showing the flow of the output process in server device 60.

FIG. 7 is a block diagram showing the flow of the storage process of certification information in mobile station 30.

FIG. 8 is a block diagram showing the flow of the download process in mobile station 30.

FIG. 9 is a block diagram showing the flow of the execution process in mobile station 30.

FIG. 10 is a block diagram showing the flow of the output process in mobile station 30.

FIG. 11 shows an overall configuration of the system for restricting contents usage in accordance with the second embodiment of the present invention.

FIG. 12 is a block diagram showing a configuration of mobile station 80 which is an entity of the system.

FIG. 13 is a block diagram showing the flow of the download process in mobile station 80.

FIG. 14 is a block diagram showing the flow of the execution process in mobile station 80.

PREFERRED EMBODIMENTS

Herein below, the system for restricting contents usage, which is an embodiment of the present invention, will be explained with reference to the drawings. Note that the symbols for the components are consistent throughout the drawings.

[1] First Embodiment

The difference between the first embodiment and the second embodiment of the present invention is the use of restriction table T1 which stores sets of contract identification information for identifying a subscriber and application (AP) identification information for identifying a distributed AP. Herein below, a system in accordance with the first embodiment will be explained in detail.

(1) Configuration

FIG. 1 shows an overall configuration of the system. Regarding the system for restricting contents usage shown in FIG. 1, it is assumed that mobile station 30 to which UIM 20 is mounted can download an AP program from IP server 10 storing AP programs and execute the downloaded AP program.

As shown in FIG. 1, mobile packet communication network 40, which serves mobile station 30 with UIM 20 being mounted, is connected to the Internet 50 via server device 60 which provides contract identification information. IP server device 10 is connected to the Internet 50. Note that PC (Personal Computer) 70 in FIG. 1 is installed for backup of downloaded AP programs in mobile station 30. Also note that the system may comprise more than one UIM, mobile station, and IP server device, although only one of the respective entities is shown in FIG. 1.

(1-1) UIM 20

FIG. 2 is a block diagram showing a configuration of UIM 20. As shown in FIG. 2, UIM 20 comprises ROM (Read Only Memory) 21, EEPROM (Electrically Erasable Programmable Read Only Memory) 22 for storing certification information (described later), mobile station interface 23, control unit 24, and bus connecting to the respective entities 21-24. Mobile station interface 23 is used when UIM 20 is mounted to mobile station 30. Mobile station 30 supplies the power to mobile station interface 23 when UIM 20 is mounted on mobile station 30 whose power supply is already switched on. Mobile station interface 23 supplies the power to respective entities. Mobile station interface also relays signals between mobile station 30 and control unit 24.

When a request decoded from signal transmitted from mobile station 30 via mobile station interface 23 is a storage request for storing certification information, control unit 24 causes the certification information included in the storage request to be stored in EEPROM 22. When the request from mobile station 30 is a request for submitting certification information, control unit 24 reads the certification information from EEPROM 22 and provides the information to mobile station 30 by transmitting the information as a signal to mobile station interface 23. When the request from mobile station 30 is a request for submitting UIM identification information, control unit 24 reads the UIM identification information from ROM 21 and provides the information to mobile station 30.

(1-2) Mobile Station 30

FIG. 3 is a block diagram showing a configuration of mobile station 30. As shown in FIG. 3, mobile station 30 comprises input unit 31, liquid crystal display 32, UIM interface 33, mobile communication unit 34, IR (infrared) communication unit 35, EEPROM 36, CPU (Central Processing Unit) 37, ROM 38 storing control program operated by CPU 37, RAM (Random Access Memory) 39 used as work area for CPU 37, bus connecting respective entities 31-39, and a power supply (not shown in the figures) for respective entities 31-39.

Input unit 31 has a keypad operated by a user who inputs commands to mobile station 30, and which provides a signal to CPU 37 in response to the operation. Liquid crystal display 32 displays images in response to the signal provided from CPU 37.

UIM interface 33 is connected to mobile station interface 23 of UIM 20 when mounting UIM 20 to mobile station 30, and performs a signal relay operation complementary to operation of mobile station interface 23. Namely, UIM interface 33 relays a signal between CPU 37 and UIM 20. UIM interface 33 also supplies power to UIM 20, which is supplied by the power supply.

Mobile communication unit 34 operates in response to a command provided by CPU 37, and sends/receives wireless signal to/from mobile packet communication network 40. Mobile communication unit 34 receives packets from CPU 37, and transmits the packets as wireless signals to mobile packet communication network 40. Mobile communication unit 34 also receives wireless signals transmitted from mobile packet communication network 40, decodes packets from the wireless signals, and transmits the packets to CPU 37. IR communication unit 35 is used when outputting contents stored in EEPROM 36 to PC 70 for backup. IR communication unit 35 comprises an IR receiver and an IR transmitter (neither of which is shown in the figures). IR receiver provides a signal in response to the received IR beam to CPU 37, and information received as IR beam is transmitted to CPU 37. IR transmitter transmits IR beam in response to the signal received from CPU 37, and information is transmitted outside the mobile station 30 as IR beam.

EEPROM 36 stores address information showing a telephone number of server device 60 and a public key provided by the communication carrier serving mobile packet communication network 40. EEPROM 36 is also used for storing distributed AP programs, restriction table T1, and other related files.

When the power is supplied to mobile station 30 with UIM 20 being mounted, CPU 37 reads the control program from ROM 38 and executes it. CPU 37 which is executing the control program provides a user-interface and operates in response to a command determined based on both a state of the user-interface and a signal from input unit 31.

(1-3) PC 70

PC 70 in FIG. 1 is a computer device. PC 70 has an IR communication unit which operates complementarily with IR communication unit 35 in mobile station 30, and stores information inputted from the IR communication unit.

(1-4) Mobile Packet Communication Network

Mobile packet communication network 40 is served by the communication carrier, which provides mobile packet communication services to its subscribers. This mobile packet communication network 40 comprises switching centers, wireless base station, etc. (not shown in the figures). When a packet is received from mobile station 30, mobile packet communication network 40 first identifies the telephone number corresponding to the identification information of the source of the packet. Then, the information for indicating the telephone number is added to the packet, and the packet is transmitted to the destination identified by destination address information. Further, mobile packet communication network 40 transmits the packet received from server device 60 to the destination identified by the destination address information in the packet.

(1-5) Server Device 60

Server device 60 is served by the above-described communication

FIG. 4 is a block diagram showing a configuration of server device 60. As shown in FIG. 4, server device 60 comprises: an inside communication unit 61 connected to mobile packet communication network 40; an outside communication unit 62 connected to the Internet 50; a nonvolatile memory 63 such as a hard disk or a semiconductor disk; CPU 64; ROM 65 for storing a startup program executed by CPU 64; RAM 66 used as a work area for CPU 64; and a power supply (not shown in the figures) for supplying power to respective entities 61-66.

Inside communication unit 61 operates complementarily with mobile communication unit 34 of mobile station 30. Namely, inside communication unit 61 relays packets between CPU 64 and mobile packet communication network 40. However, since inside communication unit 61 is connected by a wire to mobile packet communication network 40, the signal transmitted/received between inside communication unit 61 and mobile packet communication network 40 is a wired signal. Outside communication unit 62 operates in response to an instruction provided by CPU 64, and transmits/receives a signal to/from the Internet 50. Outside communication unit 62 receives packets transmitted from CPU 64, and transmits the packets to the Internet 50 as signal. Outside communication unit 62 also receives a signal transmitted from the Internet 50, then decodes packets from the signal, and finally transmits the packets to CPU 64. Thus, the packets are received by mobile station 30.

It is to be noted that, to become a subscriber, it is necessary to make a subscription contract with the communication carrier which provides communication services. A subscriber can be provided with the communication services. Memory 63 stores contract table T2 and a control program. Contract table T2 stores sets of subscription contract information and contract identification information for identifying a subscription contract. The control program is executed by CPU 37. Subscription contract information includes necessary information for identifying a subscriber, but does not include information showing his (her) telephone number or UIM identification information. Accordingly, the subscriber can change his (her) telephone number and UIM while continuing his (her) subscription contract.

Since a message transmitted or received via the Internet 50 comprises at least one packet, outside communication unit 62 transmits at least one packet when transmitting a message and receives at least one packet when receiving a message.

(1-6) IP Server Device 10

IP server device 10 is a server device served by IP (information provider). IP server device 10 stores AP programs and can distribute the AP programs to mobile station 30. When a request message for transmitting an AP program is transmitted from server device 60, IP server device 10 first receives the request message. Then, IP server device 10 generates a distribution message including the AP program stored in the location indicated by the destination URL (Uniform Resource Locator) in the request message, and transmits the distribution message to mobile station 30. In the preferred embodiments, it is assumed that the copyright holders of the AP programs stored in IP server 10 permit a user to execute the AP program and to copy the AP program for backup.

(2) Operation of the Entities

In this section, the operation of the entities in the first embodiment will be described. Herein below, the following is assumed: As shown in FIG. 5, subscriber SA and subscriber SB who are able to access the services by using mobile packet communication network 40, use mobile station 30 exclusively; Subscriber SA owns UIM 20A, and subscriber SB owns UIM 20B1 and UIM 20B2; These UIMs, that is, UIM 20A, UIM 20B1, and UIM 20B2 have the same configuration as the above-described UIM 20; and IP server device 10 stores AP program PA and AP program PB.

(2-1) The Operation of Server Device 60

First, the operation of server device 60 for restricting contents usage will be described. When the power supply is switched on, CPU 64 of server device 60 reads the startup program from ROM 65 and executes the startup program. After executing the startup program, CPU 64 reads the control program from memory 63 and executes it. During the execution of the control program CPU 64 carries out the process as shown in FIG. 6 until the control program is suspended. Namely, when CPU 64 receives a request message (S601: YES) for contract identification information via outside communication unit 64, CPU 64 extracts (S602) contract identification information and subscription contract information from contract table T2. The contract identification information and subscription contract information correspond to the UIM identification information in the request message. Then, CPU 64 generates (S603) certification information showing that UIM 20 is a valid UIM certified by the subscription contract identified by the contract identification information, the UIM identification information, the subscription contract information, and the contract identification information. The certification information includes the contract identification information and is encrypted by the secret key of the communication carrier serving mobile packet communication network 40. Finally, CPU 64 transmits (S604) the certification message including the certification information to mobile station 30 via inside communication unit 61.

Furthermore, when CPU 64, while operating the control program, receives a request message for transmitting an AP program via inside communication unit 61, CPU 64 transmits the request message to the IP server device identified by the destination URL included in the request message. Subsequently, CPU 64 receives the distribution message (described later) in response to the request message from the IP server device, and transmits the distribution message to the mobile station which is a sender of the request message for sending the AP program.

(2-2) The Operation for Starting Usage of UIM 20A

Next, the operation for starting usage of UIM 20A will be described.

Herein below, the following is assumed: UIM 20A has not yet stored the certification information corresponding to UIM 20A; UIM 20A of subscriber SA is mounted to mobile station 30, and the power supply of mobile station 30, and that of server device 60 is also already switched on.

Subscriber SA who attempts to download an AP program to mobile station 30, first operates the keypad of input unit 31, and enters the instruction for downloading the certification information of UIM 20A and storing the certification information in UIM 20A. When the instruction is entered, the process for storing the certification information shown in FIG. 7 is carried out. Namely, CPU 37 of mobile station 30 first obtains the UIM identification information from UIM 20A. Specifically, first, the signal for requiring UIM identification information is transmitted to UIM 20A via UIM interface 33. Then, control unit 24 of UIM 20A which received the request reads the UIM identification information stored in ROM 74, and transmits it to mobile station 30 via UIM interface 33.

After receiving the UIM identification information from UIM 20A, CPU 37 in mobile station 30 reads the device address information stored in ROM 38, and sets the device address information as the destination address. Consequently, CPU 37 transmits (S202) a request message for transmitting contract identification information to mobile packet communication network 40 via mobile communication unit 34. The request message includes the UIM identification information. The request message is a message for requesting server device 60 to transmit the contract identification information corresponding to the UIM identification information of UIM 20A. Here, server device 60 is identified by the device address information.

The request message is transmitted to server device 60 by mobile packet communication network 40, and is received by inside communication unit 61 of server device 60. In server device 60, the message which is received by inside communication network, is transmitted to CPU 64. After receiving the message, CPU 64 extracts the contract identification information and the subscription contract information from contract table T2. Here, both the contract identification information and the subscription contract information correspond to the UIM identification information included in the request message.

After reading the contract identification information and subscription identification information, CPU 64 generates certification information for UIM 20A, and transmits a certification message including the certification information to mobile station 30 via inside communication unit 61. The certification message is transmitted to mobile station 30 by mobile packet communication network 40, and is received (S203) by mobile communication unit 34 of mobile station 30. In mobile station 30, the certification message received by mobile communication unit 34 is transmitted to CPU 37. CPU 37 then requests (S204) UIM 20A to store the certification information in UIM 20A. Here, the certification information is included in the certification message. After receiving the request, control unit 24 in UIM 20A stores the certification information in EEPROM 22 of UIM 20A.

It is impossible to falsify the certification information stored in EEPROM 22 because the certification information is encrypted by the secret key of the communication carrier serving mobile packet communication network 40. Furthermore, the certification message is transmitted to mobile station 30 only via mobile packet communication network 40. Since the security for communication in mobile packet communication network 40 is ensured by the communication carrier, there is no risk that the certification information is falsified on the communication route.

Note that a message transmitted and received via mobile packet communication network comprises at least one packet. Accordingly, mobile communication unit 34 transmits at least one packet when sending a message and receives at least one packet when receiving a message. A packet transmitted by mobile communication unit 34 includes a destination address and a sender address. For example, the packets comprising the above-described request message for transmitting contract identification information include the device address information as a destination address.

(2-3) Download Process of an AP Program with UIM 20A

The process for downloading AP program PA by subscriber SA with UIM 20A will be described in this section.

If subscriber SA enters the instruction for downloading AP program PA to mobile station 30 from IP server device 10, the download process shown in FIG. 8 is carried out. Namely, CPU 37 first transmits (S211) a request message for distributing AP program PA to server device 60 via mobile packet communication network 40. The request message includes the URL of AP program PA as a destination URL. Since the destination URL of the request message is the URL of AP program PA stored in IP server 10, the request message is transmitted from server device 60 to IP server device 10 via the Internet 50 and is received by IP server device 10.

Then, IP server 10 generates a distribution message including AP program PA identified by the destination URL in the received request message, and sends back the distribution message. Consequently, the distribution message is transmitted to mobile station 30 via the Internet 50, server device 60, and mobile packet communication network 40. Subsequently, the distribution message is received by mobile communication unit 34 to be transmitted to CPU 37. Thus, CPU 37 receives (S212) the distribution message.

CPU 37 generates (S213) distributed AP identification information for identifying AP program PA in mobile station 30. Here, AP program PA is included in the distribution message. Consequently, CPU 37 stores (S214) correspondingly the distributed AP identification information and AP program PA in EEPROM 36. Further, CPU 37 performs information extraction for UIM (S215). Namely, first, CPU 37 requires UIM 20A mounted to mobile station 30 to provide the certification information stored in EEPROM 22 of UIM 20A, and obtains the certification information. Then, CPU 37 reads the public key of the communication carrier from EEPROM 36. Here, the communication carrier serves mobile packet communication network 40. Finally CPU 37 decrypts the certification information by using the public key, and extracts the contract identification information from the decrypted certification information. Consequently, CPU 37 stores correspondingly the contract identification information and the distributed AP identification information which was generated in advance. Note that restriction table T1 has been stored in EEPROM prior to this download process.

(2-4) Download Process of AP Program with UIM 20B1

The download process of AP program PB with UIM 20B1 to mobile station 30 will be described in this section.

In this section, the following is assumed: the contract identification information corresponding to UIM 20B1 has already been stored in EEPROM 22 of UIM 20B1; UIM 20B1 of subscriber SB is mounted to mobile station 30 and the power supply of mobile station 30 is already switched on; and mobile station 30 can perform packet communication via mobile packet communication network 40 by using the telephone number corresponding to UIM 20B1.

If subscriber SB enters the instruction for downloading AP program PB from IP server device 10 to mobile station 30, the download process similar to the above-described download process for downloading AP program PA to mobile station 30 with UIM 20A by subscriber SA is carried out. However, in this download process, the URL of AP program PB is substituted for the destination URL of the request message for sending AP program, and AP program PB is substituted for the AP program included in the distribution message transmitted from IP server 10 to mobile station 30.

As a result of the above described process, AP program PB is stored with the distributed AP identification information for identifying AP program PB in mobile station 30. In restriction table T1, the distributed AP identification information is stored with the contract identification information included in the certification information stored in EEPROM 22 of UIM 20B1.

(2-5) Execution Process of AP Program with UIM 20B1

The execution process of an AP program downloaded to mobile station 30 by subscriber SB will be described in this section.

If subscriber SB enters the instruction for executing AP program PB stored in EEPROM 36 of mobile station 30, the execution process shown in FIG. 9 is executed. Namely, CPU 37 in mobile station 30 first performs the mobile station information extraction for AP program PB, and carries out the above-described UIM information extraction for UIM 20B1 (S221). Mobile station information extraction is carried out as follows: CPU 37 searches restriction table T1 for the distributed AP identification information. Restriction table T1 stores a plurality of data sets. Each data set pairs distributed AP identification information with the contract identification information corresponding to it. If CPU 37 finds the distributed AP identification information of AP program PB, CPU 37 extracts the contract identification information corresponding to the distributed AP identification information. Then, CPU 37 carries out a comparison process (S222) for comparing the contract identification information extracted by mobile station information extraction with the contract identification information extracted by UIM information extraction. CPU 37 reads from EEPROM 36 and executes (S223 and S224) the AP program only when the above two items of contract identification information are congruent.

As described above, the contract identification information stored in restriction table T1 with the distributed AP identification information for identifying AP program PB is contract identification information corresponding to UIM 20B1. Accordingly, in the comparison process, the above two items of contract identification information are congruent. Therefore, CPU 37 reads from EEPROM 36 and executes AP program PB.

If subscriber SB enters the instruction for executing AP program PA stored in EEPROM 36, a process similar to the execution process of AP program PB is carried out. In this case, the contract identification information corresponding to UIM 20A is substituted for the contract identification information extracted from restriction table T1. Accordingly, the two items of contract identification information are not congruent. Therefore, CPU 37 does not execute AP program PA. Namely, the execution of AP program PA is inhibited.

(2-6) Backup Process of AP Program with UIM 20B1

The output process of an AP program from mobile station 30 for backup to PC 70 existing outside mobile station 30 will be described in this section. Here, the AP program is downloaded to mobile station 30 by subscriber SB.

In this section, the following is assumed: mobile station 30 and PC 70 are disposed so that the receiver/transmitter units for IR communication of mobile station 30 and PC 70 are opposed to each other; and mobile station 30 and PC 70 can perform IR communication with each other.

If subscriber SB enters the instruction for outputting AP programs stored in EEPROM 36 to mobile station 30, the output process shown in FIG. 10 is carried out. Namely, CPU 37 of mobile station 30 first carries out the above-described UIM information extraction (S231). Then, CPU 37 executes the above-described mobile station information extraction and comparison process (S232-S235) for each AP program stored in EEPROM 37. Only for the AP programs judged to have congruent items of contract identification information in the comparison process, CPU 37 executes the following processes: first, CPU 37 reads the AP program from EEPROM 36; next, CPU 37 generates an encryption key corresponding to the contract identification information extracted by the UIM information extraction, and encrypts the AP program by using the encryption key as the public key; and finally, CPU 37 outputs (S236) the encrypted AP program from IR communication unit 35 as an IR signal for IR communication.

In the case of the comparison process for AP program PA, the two items of contract identification information are not congruent. Therefore, mobile station 30 does not output AP program PA. Namely, the output process for AP program PA is inhibited.

In the case of the comparison process for AP program PB, the two items of contract identification information are congruent. Therefore, CPU 37 reads AP program PB from EEPROM 36, and encrypts AP program PB by using the encryption key generated by the above-described UIM information extraction as the public key. Then, CPU 37 transmits the encrypted AP program PB to PC 70 by IR communication. The transmitted AP program PB is received and is stored by PC 70. It is impossible to decrypt the AP program PB because the contract identification information and the encryption key are never outputted outside mobile station 30. The encryption key for encrypting AP program PB was generated in accordance with the contract identification information corresponding to UIM 20B1. Namely, the execution of AP program PB is inhibited.

(2-7) Various Processes with UIM 20B2

The various processes when subscriber SB obtains new UIM 20B2 with his (her) subscription contract being continued will be described in this section.

In this section, the following is assumed: UIM 20B2 is mounted to mobile station 30 and the power supply of mobile station 30 is already switched on; and mobile station 30 can perform packet communication via the mobile packet communication network by using the telephone number corresponding to UIM 20B2.

When subscriber SB starts the usage of UIM 20B2, the process (FIG. 7) is similar to the process carried out in starting the usage of UIM 20A by subscriber SA as described above. In this case, the UIM identification information corresponding to UIM 20B2 is substituted for the UIM identification information included in the request message for the contract identification information transmitted from mobile station 30 to server device 60. Accordingly, the certification information generated in server device 60 and stored in EEPROM 22 of UIM 20B2 shows that UIM 20B2 is a UIM which can conform to the subscription contract (i.e. continued subscription contract) for subscriber SB. Of course, the certification information is not congruent with the certification information for UIM 20B1.

The contract identification information is included in the certification information stored in EEPROM 22 of UIM 20B2, and the contract identification information includes the subscription contract to which UIM 20B1 corresponds and which has been continued. Therefore, the contract identification information in the certification information stored in EEPROM 22 of UIM 20B2 is congruent with the contract certification information stored in EEPROM 22 of UIM 20B1.

If subscriber SB attempts to execute AP program PB stored in EEPROM 36 of mobile station 30, a process (FIG. 9) similar to the above-described execution process of AP program PB with UIM 20B1 is carried out not for UIM 20B1 but for UIM 20B2. As described above, since the contract identification information stored in UIM 20B2 is congruent with that in UIM 20B1, the former contract identification information is congruent with the contract identification information extracted by the mobile station information extraction. Therefore, AP program PB is executed in mobile station 30. Namely, subscriber SB can use AP program PB by using UIM 20B2 similarly to the case where UIM 20B1 is mounted to mobile station 30. Further, AP program PB can be outputted similarly to the case where UIM 20B1 is mounted to mobile station 30.

[2] Second Embodiment

The major difference between the usage restriction system of the first embodiment and that of the second embodiment is the use of restriction table T1. In the second embodiment, encrypting downloaded AP programs makes it unnecessary to use restriction table T1. Hereinbelow, the differences between the usage restriction system of the first embodiment and that of the second embodiment will be described.

(1) Configuration

FIG. 11 shows an overall configuration of the system in the second embodiment. The system in FIG. 11 differs in only one point from the system in FIG. 1: mobile station 80 is substituted for mobile station 30. Mobile station 80 in FIG. 11 differs in only three points from mobile station 30 in FIG. 1: EEPROM 81 is substituted for mobile station 36, ROM 82 is substituted for ROM 82, and CPU 83 is substituted for CPU 37.

EEPROM 81 stores different contents from EEPROM 36, and this is the only difference between EEPROM 81 and EEPROM 36. ROM 82 stores a different control program from ROM 38, and this is the only difference between ROM 82 and ROM 38. CPU 83 executes the control program stored in ROM 82, and this is the only difference between CPU 83 and CPU 37. According to these differences, the download process, execution process, and output process carried out by CPU 83 are different from those executed by CPU 37.

(2) Operation

The operation in the second embodiment will be described. However, the description of differences that result only from the substitution of mobile station 80 for mobile station 30 is omitted. Note that the assumptions of the process in the second embodiment are the same as those in the first embodiment. The description for initiating the usage of UIM 20A is omitted because the process is the same as that in the first embodiment.

(2-1) Download Process of AP Program with UIM 20A

When subscriber SA downloads AP program PA to mobile station 80 with UIM 20A, the download process shown in FIG. 13 is carried out. Namely, a similar process (S211, S212) to the download process in the first embodiment is carried out until the CPU 83 of mobile station 80 receives the distribution message. Then, CPU 83 carries out the UIM information extraction (S801), then obtains the certification information stored in UIM 20A, and finally extracts the contract identification information from the certification information. Then, CPU 83 generates an encryption key in accordance with the extracted contract identification information, and encrypts (S802) the AP program by using the encryption key as the public key. Finally, CPU 83 stores (S803) the encrypted AP program in EEPROM 81.

(2-2) Download Process of AP Program with UIM 20B1

When subscriber SB downloads AP program PB to mobile station 80 with UIM 20B1, a process similar to the above-described download process for downloading AP program PA to mobile station 30 with UIM 20A by subscriber SA is carried out. In this case, AP program PB is encrypted by using the encryption key generated in accordance with the contract identification information included in the certification information stored in UIM 20B1 because the UIM mounted to mobile station 80 is not UIM 20A but UIM 20B1.

(2-3) Execution Process of AP Program with UIM 20B1

When subscriber SB attempts to execute AP program PB downloaded to mobile station 80, the execution process shown in FIG. 14 is carried out. Namely, CPU 83 of mobile station 80 first carries out the UIM information extraction (S811) for UIM 20B1. In this process, the contract identification information corresponding to UIM 20B1 is extracted. Then, CPU 83 carries out the decryption (S812) using the encryption key corresponding to the contract identification information for AP program PB read from EEPROM 81. Both the encryption key used when encrypting AP program PB and that used when decrypting the AP program PB are the encryption key corresponding to the contract identification information stored in UIM 20B1. Namely, they are congruent. Therefore, AP program PB is correctly decrypted by the above decryption. Finally, CPU 83 attempts to execute the decrypted AP program PB, and AP program PB is executed because AP program PB has been decrypted correctly.

When subscriber SB enters the instruction for executing AP program PA stored in EEPROM 81, a process similar to the execution process of AP program PB is carried out. In this case, the encryption key for encrypting AP program PA is the encryption key corresponding to the contract identification information stored in UIM 20A, even though the encryption key for decrypting the AP program PA is an encryption key corresponding to UIM 20B1. Namely, the two encryption keys are not congruent. Therefore, AP program PA is not executed correctly.

(2-4) Backup Process of AP Program with UIM 20B1

When subscriber SB attempts to output the downloaded AP program from mobile station 80 to PC 70 existing outside mobile station 80 for backup, AP programs PA and PB are read from EEPROM 81 by CPU 83 of mobile station 80 and then are outputted to PC 70. The outputted AP programs PA and PB are received and stored by PC 70. Note that it is impossible to decrypt the AP programs PA and PB because the contract identification information necessary for decrypting the AP programs is never outputted outside mobile station 80.

(2-5) Various Operation with UIM 20B2

When subscriber SB obtains new UIM 20B2 because of malfunction of UIM 20B1 or the like with his (her) subscription contract being continued, first, a process similar to that in the first embodiment is carried out and then the certification information in accordance with UIM 20B2 is stored in UIM 20B2. The certification information is not congruent with the certification information stored in UIM 20B1, but the contract identification information stored in UIM 20B2 is congruent with the contract identification information stored in UIM 20B1.

When subscriber SB attempts to execute AP program PB in mobile station 80, an execution process similar to the above-described execution process is carried out not for UIM 20B1 but for UIM 20B2. Consequently, AP program PB is executed correctly in mobile station 80. When subscriber SB attempts to output AP program PB stored in EEPROM 36 of mobile station 80 to outside of mobile station 80, an output process similar to the above-described output process is carried out not for UIM 20B1 but for UIM 20B2. Consequently, the encrypted AP program PB is outputted to PC 70. Namely, subscriber SB can execute or output AP program PB similarly to the case where UIM 20B1 is mounted to mobile station 80.

[3] EFFECT OF THE EMBODIMENTS

As described above, according to the preferred embodiments of the present invention, a user can execute or output an AP program correctly only by using the UIM corresponding to the same contract identification information as the UIM mounted to the mobile station when downloading the AP program from IP server 10 to the mobile station.

According to the preferred embodiments of the present invention, it is impossible to execute the AP program outside the mobile station because the AP program is encrypted by information which is never outputted from the mobile station.

Therefore, usage of the AP program above the range permitted by the copyright holder of the AP program can be excluded.

According to the preferred embodiments of the present invention, the contract identification information is transmitted via a secure communication route. The contract identification information is distributed after being encrypted by using the secret key of the communication carrier serving the communication route. It is impossible to rewrite the UIM identification information in UIM. Accordingly, high level security can be ensured by the preferred embodiments of the present invention.

According to the preferred embodiments of the present invention, a subscriber can store his (her) contract identification information by operating his (her) mobile station. Namely, it is not necessary for the subscriber to visit an outlet for mobile stations or UIMs for storing the contract identification information.

In the preferred embodiments of the present invention, the contract identification information is distributed via the mobile packet communication network by the communication carrier serving the mobile packet communication network via which an AP program is distributed to a mobile station. These embodiments are preferred for business use, as the communication carrier deputizes for the collection of the charge for AP program distributed to the mobile station.

According to the first embodiment of the present invention, the AP program is stored without being encrypted. Accordingly, it is not necessary to decrypt the AP program when executing the AP program. That is an advantage for a mobile station, which has lower calculation power than a PC.

According to the second embodiment of the present invention, it is not necessary to use the restriction table. Accordingly, the process corresponding to the restriction table can be omitted. It is also not necessary to encrypt the AP program when outputting. That is an advantage especially in the case that one AP program is outputted many times.

[4] Modifications

The storage process of the contract identification information in the UIM may be initiated by switching on the power supply or registering the location of the mobile station instead of the operation by the user. Of course, the contract identification information may be stored only when the result of the search for the contract identification information of the UIM by the mobile station is that the contract identification information has not been stored yet. Further, the server device may send the contract identification information at a predetermined time interval to the UIM which has not stored the contract identification information.

Although the distribution and request of contract identification information are carried out via a communication network in the above-described embodiments, the technical scope of the present invention is not restricted by this. For example, the UIM identification information of the purchased UIM may be transmitted from the retail outlet which sold the UIM to server device 60, and the contract identification information corresponding to the contract identification information may also be transmitted from server device 60 to the mobile station with the UIM via a communication network. Alternatively, for example, the contract identification information may be stored in the UIM before the user obtains the UIM.

Although restriction is carried out for the distributed AP program in the above-described embodiments, the technical scope of the present invention is not restricted by the examples. The restriction may be carried out for the content which has been stored in the mobile station prior to the purchase of the mobile station. In this embodiment, a process similar to the download process of an AP program in the preferred embodiments is carried out before or when purchasing the mobile station.

In the preferred embodiments, server device 60 is described as a single device, but the feature of server device 60 may be dispersed to a plurality of devices. For example, a device for relaying communication data and a device for issuing certification information (helping authorization) may be substituted for server device 60. A device for authorizing and a device for requesting an authorization may further be substituted for the latter device.

Although the IP server device is connected to server device 60 via the Internet in the above-described embodiments, the IP server may be connected to server device 60 via a common carrier-leased line or server device 60 itself may distribute the requested content. Namely, it is not necessary for server device 60 to be connected to the Internet.

Although the AP program to be downloaded is identified by using a URL in the above-described embodiments, any identification information capable of uniquely identifying a resource may be used for identifying the AP program. The identification information may include URI (Uniform Resource Identifier). Of course, an AP program may be identified by a combination of the information showing the destination address of the request message for download and the information for identifying the AP program at the destination.

Although the public key of the communication carrier which serves the mobile packet communication network is stored in the mobile station and the certification information is decrypted by using the public key in the above-described embodiments, the public key may be stored in the UIM and the certification information be decrypted by using this public key. In this case, it is not necessary for the mobile station to store the public key.

The user authorization by UIM or by the mobile packet communication network, or the mobile station authorization or the UIM authorization by the mobile packet communication network may be combined with the above-described embodiments. This modification allows unauthorized usage to be excluded more certainly.

Although the communication between UIM and server device 60 is terminated by the mobile station in the above-described embodiments, the communication between UIM and server device 60 may be an End-to-End communication with a certain security. The certification information may be downloaded to the UIM via such an End-to-End communication route.

Although the encryption of the AP program is carried out in the mobile station, the encryption of the AP program may be carried out by the IP server device by using the contract identification information transmitted from the mobile station to the IP server device. Then, the encrypted AP program may be transmitted to the mobile station. In this modification, the encryption of the AP program may be carried out by server device 60. This modification allows the contract identification information (namely, personal information) not to be transmitted to the Internet.

Although the encryption key used when encrypting the content is the encryption key in accordance with the contract identification information stored in the UIM mounted to the mobile station at that time in the second embodiment, the technical scope of the present invention is not restricted to this. For example, the following processes (1-A) and (1-B) through (3-A) and (3-B) may be carried out in order. Note that the execution order of (1-A) and (1-B) is arbitrary and that it may be possible to carry out only one of (3-A) and (3-B).

(1-A) A first encryption key for encrypting a content is generated freely in the mobile station. The AP program is encrypted by using the first encryption key.

(1-B) A second encryption key is generated by using the contract identification information stored in the UIM mounted to the mobile station and the secret rule for generating an encryption key based on the contract identification information. The first key is encrypted by using the second encryption key.

(2) The encrypted AP program is stored with the encrypted first encryption key.

(3-A) When executing the AP program, the first encryption key stored with the encrypted AP program is decrypted by using the contract identification information stored in the UIM mounted to the mobile station and the above-described rule for generating an encryption key. The AP program is decrypted by using the decrypted first encryption key, and then the decrypted AP program is executed.

(3-B) When outputting the AP program, the mobile station outputs the encrypted AP program and the encrypted first encryption key stored with the AP program.

According to this embodiment, if the contract identification information leaks, it is impossible to execute the encrypted AP program because the rule for generating the encryption key which is necessary for decrypting the first encryption key is secret. This embodiment further has the advantage that the key space of the second encryption key is not limited because the second encryption key is generated freely.
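The two-level key scheme of steps (1-A) to (3-B), as an added example that is not part of the patent text. It assumes an HMAC-SHA256 construction in place of the unspecified cipher, models the secret rule as a device-held secret (`DEVICE_RULE_SECRET`), and uses constructed contract identifiers; the integrity tag, which turns a key mismatch into an explicit error instead of garbled output, is also an addition.

```python
import hashlib
import hmac
import secrets

# Assumption: models the "secret rule for generating an encryption key" as a
# device-held secret mixed in with HMAC-SHA256. Constructed value.
DEVICE_RULE_SECRET = b"constructed-rule-secret-for-demo"


def derive_second_key(contract_id: bytes,
                      rule_secret: bytes = DEVICE_RULE_SECRET) -> bytes:
    """(1-B) Second key = f(contract identification information, secret rule)."""
    return hmac.new(rule_secret, b"second-key|" + contract_id,
                    hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, b"stream|" + block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Layout: 16-byte nonce | ciphertext | 32-byte tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"tag|" + nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; raise ValueError when the key does not match."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag|" + nonce + ciphertext,
                        hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("key mismatch or tampered data")
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def store_content(ap_program: bytes, contract_id: bytes) -> dict:
    """(1-A), (1-B), (2): encrypt the program, wrap the first key, store both."""
    first_key = secrets.token_bytes(32)  # (1-A) generated freely on the device
    return {
        "content": seal(first_key, ap_program),
        "wrapped_key": seal(derive_second_key(contract_id), first_key),
    }


def use_content(record: dict, contract_id: bytes) -> bytes:
    """(3-A): unwrap the first key with the mounted UIM's contract id, decrypt."""
    first_key = open_sealed(derive_second_key(contract_id),
                            record["wrapped_key"])
    return open_sealed(first_key, record["content"])


def export_backup(record: dict) -> dict:
    """(3-B): only the encrypted program and the encrypted first key leave."""
    return {"content": record["content"], "wrapped_key": record["wrapped_key"]}


def demo() -> dict:
    """Walk the UIM cases with constructed contract identifiers."""
    contract_sb = b"CONTRACT-SB"  # shared by UIM 20B1 and its replacement 20B2
    contract_sa = b"CONTRACT-SA"  # UIM 20A, a different subscriber
    record = store_content(b"AP program PB (constructed bytes)", contract_sb)
    results = {"same_contract": use_content(record, contract_sb)}
    try:
        use_content(record, contract_sa)
        results["other_contract"] = "decrypted"
    except ValueError:
        results["other_contract"] = "refused"
    return results


if __name__ == "__main__":
    print(demo())
```

Because the second key depends on the contract identification information and not on the UIM identification information, a replacement UIM issued under the continued contract unwraps the same first key.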

Although a PC is shown as an example of a device for backing up AP programs in the above-described embodiments, the technical scope of the present invention is not restricted to this. Any device capable of communicating with a mobile station and storing information may be used as a device for backing up AP programs.

Although the usage restriction is applied to AP programs in the above-described embodiments, the usage restriction may be applied for any contents, for example, image data or music data.

Although execution and output are shown as examples of “usage” in the above-described embodiments, of course the type of usage is modified in response to the kind of contents to be restricted, for example, “display” for image data or “play” for music data.

Although a mobile station is shown as an example of a device for restricting contents usage in the above-described embodiments, the technical scope of the present invention is not restricted to this. Any communication device which can receive and store content whose usage should be restricted may be substituted for the mobile station in the above-described embodiments.

Although the contract identification information is included in the certification information in the above-described embodiments, any data encrypted by the secret key of the communication carrier may be substituted for the certification information in the above-described embodiments. The encryption rule may be modified in response to the required security level for the system.

Although the mobile packet communication network is used in the above-described embodiments, a circuit switching network or a fixed network may be substituted for the mobile packet communication network in the above-described embodiments.

Although the mobile station and the UIM communicate with each other by wired communication in the above-described embodiments, the mobile station and the UIM may communicate with each other by wireless communication.

Although the contract identification information is stored in the UIM in the above-described embodiments, the contract identification information may be stored in another storage medium such as a memory card. Note that the storage medium is required to store the identification information for uniquely identifying the storage medium.

[5] Effect of the Present Invention

As described above, the present invention allows a communication device to identify the subscriber who attempts to use the communication device because the contract identification information stored in the storage medium capable of communicating to the communication device is available for the communication device.

1. A server device, comprising: storage means for storingcorrespondingly contract identification information for identifying asubscription contract which is made between a subscriber to acommunication service and a communication carrier providing the service,and medium identification information for identifying a storage mediumissued based on the subscription contract; receiving means for receivingthe medium identification information; extracting means for extractingfrom the storage means the contract identification informationcorresponding to the medium identification information received by thereceiving means; and transmitting means for transmitting the contractidentification information extracted by the extracting means to acommunication apparatus for storing the received information in thestorage medium, the communication apparatus being capable of accessingthe storage medium identified by the medium identification informationreceived by the receiving means.
 2. A server device according to claim1, wherein: the transmitting means transmits the contract identificationinformation only via a communication network served by the communicationcarrier, the contract identification information being extracted by theextracting means; and the communication network transmits informationonly to a device or an apparatus authorized by any server served by thecommunication carrier.
 3. A server device according to claim 1, whereinthe receiving means receives the contract identification informationtransmitted from the communication apparatus employed in thecommunication network served by the communication carrier.
 4. A serverdevice according to claim 1, further comprising: encrypting means forencrypting the contract identification information by using a secret keyof the communication carrier, the contract identification informationbeing extracted by the extracting means; wherein the transmitting meanstransmits the contract identification information encrypted by theencrypting means to the communication apparatus which transmits receivedinformation to the storage medium identified by the mediumidentification information received by the receiving means.
 5. Acommunication apparatus, comprising: medium identification informationextracting means for extracting medium identification information from astorage medium issued based on a subscription contract between asubscriber to a communication service and a communication carrierproviding the communication service, the storage medium being capable ofcommunication with the communication apparatus; identificationinformation transmitting means for transmitting the mediumidentification information to a server device, the medium identificationinformation being extracted by the medium identification informationextracting means, the server device transmitting contract identificationinformation for identifying the subscription contract based on which thestorage medium is issued, the storage medium storing the received mediumidentification information; identification information receiving meansfor receiving the contract identification information transmitted fromthe server device; and storage means for storing the contractidentification information in the storage medium whose identificationinformation is extracted by the medium identification informationextracting means, the contract identification information being receivedby the identification information receiving means.
 6. A communicationapparatus according to claim 5, further comprising: contents receivingmeans for receiving a content; memorizing means for memorizingcorrespondingly the content and the contract identification informationstored in the storage medium capable of communicating with thecommunication apparatus, the content being received by the contentsreceiving means; input means for inputting an instruction for the usageof the content; contract extracting means for extracting the contractidentification information from the storage medium capable ofcommunication with the communication apparatus when using the contentmemorized by the memorizing means; and restricting means for permittingthe usage of the content only when the contract identificationinformation extracted by the contract extracting means and the contractidentification information stored correspondingly with the content forwhich the instruction of usage is entered are congruent.
 7. Acommunication apparatus according to claim 5, further comprising:contents receiving means for receiving a content; encrypting means forencrypting the content by using the contract identification informationstored in the storage medium capable of communicating with thecommunication apparatus, the contents being received by the contentsreceiving means; and memorizing means for memorizing the contentencrypted by the encrypting means.
 8. A communication apparatusaccording to claim 5, further comprising: contents receiving means forreceiving a content; contents encrypting means for encrypting thecontent by using a first encryption key generated after the contents isreceived by the contents receiving means; key encrypting means forencrypting the first encryption key by using a second encryption keygenerated based on both the contract identification information and apredetermined rule for generating encryption keys after the contents isreceived by the contents receiving means; and memorizing means formemorizing correspondingly the content and the second encryption keyencrypted by the key encrypting means, the contents being encrypted bythe contents encrypting means.
 9. A communication apparatus according toclaim 7, further comprising: contract extracting means for extractingthe contract identification information from the storage medium capableof communicating to the communication apparatus when using the contentsmemorized in the memorizing means; and decrypting means for decryptingthe content to be used by using the contract identification informationextracted by the contract extracting means.
 10. A communication apparatus according to claim 8, further comprising: contract extracting means for extracting the contract identification information from the storage medium capable of communicating with the communication apparatus when using the contents memorized in the memorizing means; and decrypting means for decrypting the content to be used by using the contract identification information extracted by the contract extracting means.
 11. An application for causing a computer to carry out the steps of: storing correspondingly contract identification information and medium identification information, the contract identification information identifying a subscription contract between a subscriber to a communication service and a communication carrier providing the service, the medium identification information identifying a storage medium issued based on the subscription contract; receiving the medium identification information; extracting the contract identification information stored by the storing step corresponding to the medium identification information received by the receiving step; and transmitting the contract identification information extracted by the extracting step to a communication apparatus for storing the received information in the storage medium, which is capable of accessing the storage medium identified by the medium identification information received by the receiving step.
 12. An application for causing a computer to carry out the steps of: extracting medium identification information from a storage medium issued based on a subscription contract between a subscriber to a communication service and a communication carrier providing the service, the storage medium storing unique medium identification information and being capable of communicating to a communication apparatus; transmitting the medium identification information to a server device which transmits the contract identification information for uniquely identifying the subscription contract based on which the storage medium was issued, the storage medium storing the received medium identification information; receiving the contract identification information transmitted from the server device; and storing the contract identification information in the storage medium whose medium identification information was extracted by the extracting step, the contract identification information being received by receiving step of the contract identification information.
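
The key hierarchy recited in claims 8 and 10 (a per-content first key, wrapped under a second key derived from the contract identification information) can be illustrated as follows. This is an added example, not code from the patent: all function names are hypothetical, the "predetermined rule" is assumed to be HMAC-SHA256 under a constructed label, and an HMAC-based stream cipher with encrypt-then-MAC stands in for an authenticated cipher such as AES-GCM so that only the Python standard library is needed.

```python
import hashlib
import hmac
import secrets

# Assumption: the "predetermined rule" is modelled as HMAC-SHA256 keyed with a
# constructed handset-side label; the claims do not say what the rule is.
RULE_LABEL = b"constructed-rule-label-v1"

def derive_second_key(contract_id: str) -> bytes:
    """Second encryption key: contract identification information + rule."""
    return hmac.new(RULE_LABEL, contract_id.encode(), hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (standard-library stand-in for a cipher)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output layout is nonce || ciphertext || tag."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; raises ValueError on a wrong key."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("contract identification information does not match")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def store_content(content: bytes, contract_id: str) -> dict:
    """Claim 8 side: fresh first key encrypts the content, second key wraps it."""
    first_key = secrets.token_bytes(32)
    return {"content": seal(first_key, content),
            "wrapped_key": seal(derive_second_key(contract_id), first_key)}

def use_content(record: dict, contract_id_from_uim: str) -> bytes:
    """Claim 10 side: re-derive the second key from the UIM, unwrap, decrypt."""
    second_key = derive_second_key(contract_id_from_uim)
    first_key = open_sealed(second_key, record["wrapped_key"])
    return open_sealed(first_key, record["content"])
```

Because the contract identification information is an identifier rather than a random secret, the second key is only as hard to reproduce as the rule and the stored identifier are to obtain.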